SourceCodester Best Online News Portal Login Page sql injection
CVE-2023-0784

9.8CRITICAL

Key Information:

Vendor

SourceCodester
Status
Best Online News Portal
Vendor
CVE Published:
12 February 2023

What is CVE-2023-0784?

A vulnerability has been discovered in SourceCodester's Best Online News Portal 1.0, specifically within the Login Page component. An attacker could exploit this vulnerability through manipulation of the username argument, leading to SQL injection. This flaw allows for remote exploitation, presenting significant security risks as the exploit has already been disclosed publicly. It is crucial for users of the affected product to take necessary precautions and implement mitigation strategies.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Best Online News Portal 1.0

References

https://vuldb.com/?id.220644
vdb-entrytechnical-description
https://vuldb.com/?ctiid.220644
signaturepermissions-required
https://youtu.be/V62MSWhLGL4
media-coverage

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Gab3 (VulDB User)
JSON
.